General
-
Target
2832-20-0x0000000000650000-0x000000000066E000-memory.dmp
-
Size
120KB
-
MD5
d551325ef873dba76488a6716eeba05d
-
SHA1
d125ce674d90a13edf438e60f9eb91c8fb7e773a
-
SHA256
d612c870f9a514b4d8c0837a6128f7c341c3beb84bfe580312a63d58d34bf05a
-
SHA512
4af917da2c304c98578422bbd953bdd28f2f2c19e354a48c9847e02764c76a78b93a99d5fc7b019e12898e055b2ab2afc6890904f231acd01afa56bd2c7df077
-
SSDEEP
3072:5JZkmOXW8RZCJvI4z66O+CN2b00FI9cf/:YRYJ92HN2b
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
66.154.103.135:4800
Mutex
rm4C0XC5aW9eGOEB
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2832-20-0x0000000000650000-0x000000000066E000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections